A ransomware infection, known as JeepersCrypt ransomware has been reported to wreak havoc on victim computers. The infection aims to perform multiple different modifications on the infected computers including encrypting their files, after which dropping a ransom note, demanding a ransom fee (0.02 BTC) to be paid in order to get the encrypted files restored back to normal. In case you have become a victim of JeepersCrypt ransomware, recommendations are to read the following article
|Short Description||Encrypts important documents, music, video, images and other files and then demands 0.02 BTC ransom to be paid in 24 hours to get the files back.|
|Symptoms||JeepersCrypt ransomware uses the .jeepers file extension which is added to the encrypted files. The virus then drops a ransom note, named JeepersCrypt Ransomware.|
|Detection Tool|| See If Your System Has Been Affected by JeepersCrypt |
Malware Removal Tool
|User Experience||Join our forum to Discuss JeepersCrypt.|
|Data Recovery Tool||Windows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.|
.Jeepers File Virus – How Does It Infect
The JeepersCrypt.exe may be spread via a downloader, dropper or other infection malware. Such malicious files may be spread via multiple different methods. One of those is via e-mail spam messages which may include them in the form of either malicious web links or malicious attachments. The e-mail messages being spammed may pretend to be legitimate e-mails claiming the victim has made a purchase or there a letter about to be delivered. Some e-mails may even contain false statements of a suspicious activity on the victim’s bank account. Examples can be seen below:
After JeepersCrypt ransomware infects your computer, the malware begins it’s malicious activity.
JeepersCrypt Ransomware – Infection Activity
After having infected a computer, JeepersCrypt ransomware may drop it’s malicious files in the following Windows locations:
In addition to dropping files, the .jeepers file virus may also modify the following Windows Registry sub-keys:
After having modified the sub-keys on the registry, the malware may begin the encryption process.
JeepersCrypt Virus – Encryption Process
For the encryption process, .jeepers file virus may target multiple different types of files on your computer. The virus is careful to avoid important system files so that it won’t damage your operating system. Among the encrypted files may be the following:
“PNG .PSD .PSPIMAGE .TGA .THM .TIF .TIFF .YUV .AI .EPS .PS .SVG .INDD .PCT .PDF .XLR .XLS .XLSX .ACCDB .DB .DBF .MDB .PDB .SQL .APK .APP .BAT .CGI .COM .EXE .GADGET .JAR .PIF .WSF .DEM .GAM .NES .ROM .SAV CAD Files .DWG .DXF GIS Files .GPX .KML .KMZ .ASP .ASPX .CER .CFM .CSR .CSS .HTM .HTML .JS .JSP .PHP .RSS .XHTML. DOC .DOCX .LOG .MSG .ODT .PAGES .RTF .TEX .TXT .WPD .WPS .CSV .DAT .GED .KEY .KEYCHAIN .PPS .PPT .PPTX ..INI .PRF Encoded Files .HQX .MIM .UUE .7Z .CBR .DEB .GZ .PKG .RAR .RPM .SITX .TAR.GZ .ZIP .ZIPX .BIN .CUE .DMG .ISO .MDF .TOAST .VCD SDF .TAR .TAX2014 .TAX2015 .VCF .XML Audio Files .AIF .IFF .M3U .M4A .MID .MP3 .MPA .WAV .WMA Video Files .3G2 .3GP .ASF .AVI .FLV .M4V .MOV .MP4 .MPG .RM .SRT .SWF .VOB .WMV 3D .3DM .3DS .MAX .OBJ R.BMP .DDS .GIF .JPG ..CRX .PLUGIN .FNT .FON .OTF .TTF .CAB .CPL .CUR .DESKTHEMEPACK .DLL .DMP .DRV .ICNS .ICO .LNK .SYS .CFG”Source:fileinfo.com
After the encryption process of .jeepers ransomware has completed the files are left no longer openable in the following manner:
JeepersCrypt ransomware, then leaves the following ransom note on the infected computer:
All the important archives were encrypted
You have 24 hours to buy a private key to decrypt your files
The key nail and 0.0200 BTC to buy the key
To buy the key contact us via email: [email protected]
And send a message with the following title “I want to buy a key for
Decrypt my files “that I will pass the information on how to buy the key
Fortunately files encrypted by JeepersCrypt ransomware are decryptable, thanks to malware researcher demonslay335, who published a free decryptor from download. Keep reading this article to learn how to remove JeepersCrypt and decrypt the files using this decryption software.
Remove JeepersCrypt Virus
Before the actual decryption takes place, we strongly suggest you to remove JeepersCrypt ransomware using the instructions below. In case manual removal is a challenge for you, security experts always recommend using an advanced anti-malware software to remove the malware automatically and protect your computer in the future as well.
Manually delete JeepersCrypt from your computer
Note! Substantial notification about the JeepersCrypt threat: Manual removal of JeepersCrypt requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself just in 5 minutes, using a malware removal tool.
Automatically remove JeepersCrypt by downloading an advanced anti-malware program
After having removed the malicious files of JeeepersCrypt Ransomware, it is time to decrypt the encoded ones.
Decrypt .jeepers Files for Free
Step 1: For the decryption process of JeepersCrypt ransomware to be successful, first you need to download StupidDecrypter by demonslay335 by clicking on the button below:
Step 2: After downloading it, extract it from the archive and then run the decryptor as an administrator:
After this, select directories with encrypted files and click on the “Decrypt” button which will turn bold black once directories are selected:
After this has completed, the program will ask you if you want to perform a copy process of the encrypted files and it is advisable to make such copies in a separate folder, just in case.